MODeflattener
Miasm's Ollvm Deflattener
MODeflattener deobfuscates control flow flattened functions obfuscated by OLLVM using Miasm.
https://mrt4ntr4.github.io/MODeflattener/
| Flattened Flow | Deflattened Flow |
|---|---|
 |
 |
Installation
git clone https://github.com/mrT4ntr4/MODeflattener.git
cd MODeflattener
pip3 install -r requirements.txt
Usage
└──╼ $python3 modeflattener.py -h
usage: modeflattener [-h] [-a] [-l LOG] filename patch_filename address
positional arguments:
filename file to deobfuscate
patch_filename deobfuscated file name
address obfuscated function address
optional arguments:
-h, --help show this help message and exit
-a, --all find functions recursively and deobfuscate if flattened
-l LOG, --log LOG logging level (default=INFO)
Supported Architectures
- x86
